zeronetworks / rpcfirewall
☆492 · Updated 2 months ago
Alternatives and similar repositories for rpcfirewall:
Users who are interested in rpcfirewall are comparing it to the repositories listed below.
- A centralized resource for previously documented WDAC bypass techniques ☆508 · Updated 9 months ago
- A repository that maps commonly used attacks using MSRPC protocols to ATT&CK ☆320 · Updated last year
- A C# utility for interacting with SCCM ☆606 · Updated 5 months ago
- Aims to identify sleeping beacons ☆564 · Updated 2 months ago
- ☆375 · Updated 2 years ago
- A PowerShell armoury for security guys and girls ☆467 · Updated last year
- Event Tracing For Windows (ETW) Resources ☆362 · Updated 4 months ago
- ☆232 · Updated 9 months ago
- Detect and respond to Cobalt Strike beacons using ETW. ☆486 · Updated 2 years ago
- Collection of tools that reflect the network dimension into Bloodhound's data ☆445 · Updated 2 years ago
- Azure Outlook Command & Control (C2) - Remotely control a compromised Windows Device from your Outlook mailbox. Threat Emulation Tool for… ☆474 · Updated last year
- Sysmon EDR POC Build within PowerShell to prove ability. ☆219 · Updated 3 years ago
- Active Directory delegation management tool ☆289 · Updated last year
- An effort to track security vendors' use of Microsoft's Antimalware Scan Interface ☆241 · Updated 3 years ago
- Scan installed EDRs and AVs on Windows ☆577 · Updated last year
- ☆199 · Updated 3 months ago
- Sysmon configuration file template with default high-quality event tracing ☆471 · Updated last year
- MAL-CL (Malicious Command-Line) ☆309 · Updated 2 years ago
- Find vulnerabilities in AD Group Policy, but do it better than Grouper2 did. ☆753 · Updated last week
- Checks running processes, process metadata, DLLs loaded into your current process and each DLL's metadata, common install directories,… ☆698 · Updated last year
- "Golden" certificates ☆654 · Updated 6 months ago
- ADExplorerSnapshot.py is an AD Explorer snapshot parser. It is made as an ingestor for BloodHound, and also supports full-object dumping … ☆930 · Updated last month
- Quietly enumerate an Active Directory Domain via LDAP parsing users, admins, groups, etc. ☆486 · Updated 2 years ago
- C# Azure Function with an HTTP trigger that generates obfuscated PowerShell snippets that break or disable AMSI for the current process. ☆390 · Updated 5 months ago
- RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps. ☆249 · Updated last year
- Moneta is a live usermode memory analysis tool for Windows with the capability to detect malware IOCs ☆731 · Updated 11 months ago
- ☆465 · Updated last year
- ☆701 · Updated this week
- Identify the attack paths in BloodHound breaking your AD tiering ☆314 · Updated 2 years ago
- PowerShell script helping Incident Responders discover potential adversary persistence mechanisms. ☆314 · Updated 4 months ago